npm-registry-fetch - npm Package Compare versions

Comparing version 13.0.1 to 13.1.0

lib/check-response.js

@@ -7,2 +7,3 @@ 'use strict'
 const log = require('proc-log')
+const cleanUrl = require('./clean-url.js')
 
@@ -49,16 +50,4 @@ /* eslint-disable-next-line max-len */
   const cacheStr = cacheStatus ? ` (cache ${cacheStatus})` : ''
+  const urlStr = cleanUrl(res.url)
 
-  let urlStr
-  try {
-    const { URL } = require('url')
-    const url = new URL(res.url)
-    if (url.password) {
-      url.password = '***'
-    }
-
-    urlStr = url.toString()
-  } catch (er) {
-    urlStr = res.url
-  }
-
   log.http(
@@ -65,0 +54,0 @@ 'fetch',

lib/index.js

@@ -107,7 +107,7 @@ 'use strict'
 
-  const doFetch = async body => {
+  const doFetch = async fetchBody => {
     const p = fetch(uri, {
       agent: opts.agent,
       algorithms: opts.algorithms,
-      body,
+      body: fetchBody,
       cache: getCacheMode(opts),
@@ -243,1 +243,3 @@ cachePath: opts.cache,
 }
+
+module.exports.cleanUrl = require('./clean-url.js')

package.json

 {
   "name": "npm-registry-fetch",
-  "version": "13.0.1",
+  "version": "13.1.0",
   "description": "Fetch-based http client for use with npm registry APIs",
   "main": "lib",
   "files": [
-    "bin",
-    "lib"
+    "bin/",
+    "lib/"
   ],
   "scripts": {
     "eslint": "eslint",
-    "lint": "eslint '**/*.js'",
+    "lint": "eslint \"**/*.js\"",
     "lintfix": "npm run lint -- --fix",
@@ -21,7 +21,10 @@ "prepublishOnly": "git push origin --follow-tags",
     "postsnap": "npm run lintfix --",
-    "postlint": "npm-template-check",
+    "postlint": "template-oss-check",
     "snap": "tap",
-    "template-copy": "npm-template-copy --force"
+    "template-oss-apply": "template-oss-apply --force"
   },
-  "repository": "https://github.com/npm/npm-registry-fetch",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/npm/npm-registry-fetch.git"
+  },
   "keywords": [
@@ -35,13 +38,14 @@ "npm",
   "dependencies": {
-    "make-fetch-happen": "^10.0.3",
+    "make-fetch-happen": "^10.0.6",
     "minipass": "^3.1.6",
-    "minipass-fetch": "^2.0.1",
+    "minipass-fetch": "^2.0.3",
     "minipass-json-stream": "^1.0.1",
     "minizlib": "^2.1.2",
-    "npm-package-arg": "^9.0.0",
+    "npm-package-arg": "^9.0.1",
     "proc-log": "^2.0.0"
   },
   "devDependencies": {
-    "@npmcli/template-oss": "^2.8.1",
-    "cacache": "^15.3.0",
+    "@npmcli/eslint-config": "^3.0.1",
+    "@npmcli/template-oss": "3.1.2",
+    "cacache": "^16.0.2",
     "nock": "^13.2.4",
@@ -57,7 +61,8 @@ "require-inject": "^1.4.4",
   "engines": {
-    "node": "^12.13.0 || ^14.15.0 || >=16"
+    "node": "^12.13.0 || ^14.15.0 || >=16.0.0"
   },
   "templateOSS": {
-    "version": "2.8.1"
+    "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",
+    "version": "3.1.2"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

37518

increased by1.25%

Number of low supply chain risk alerts

1

decreased by-50%

Worsened metrics

Dev dependency count

7

increased by16.67%

Lines of code

515

decreased by-0.39%

Dependency changes

• Updatedmake-fetch-happen@^10.0.6

• Updatedminipass-fetch@^2.0.3

• Updatednpm-package-arg@^9.0.1